package com.sl.au.interceptor;

import java.io.PrintWriter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.util.StringUtils;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.sl.au.entity.Account;
import com.sl.au.entity.Module;

public class LoginInterceptor extends HandlerInterceptorAdapter {
	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
			throws Exception {

		// 移动端暂时放行
		String device = request.getHeader("device");
		if (StringUtils.hasText(device) && device.equals("mobile"))
			return true;

		String URL = request.getRequestURI().toString();

		String crmout = request.getHeader("crm-out");
		String outkey = "D9A61EBF-4CC6-4E49-9561-58A6E34F34DF";
		String userid = request.getHeader("userid");
		if (StringUtils.hasText(crmout) && crmout.equals(outkey) && StringUtils.hasText(userid)) return true;
		
		
		if (URL.contains("/crmout/") || URL.contains("/json") || URL.contains("loginmessage"))
			return true;

		Account account = (Account) request.getSession().getAttribute("account");
		String contextPath = request.getContextPath();

		if (StringUtils.hasText(contextPath) && URL.startsWith(contextPath)) {
			URL = URL.substring(contextPath.length());
		}

		// 首页允许
		if (URL.equals("/ui/index") || URL.contains("/index/")) {
			return true;
		}
		// 登录页允许
		if (URL.endsWith("login")||URL.endsWith("login/submit")) {
			//request.getSession().removeAttribute("account");
			//request.getSession().invalidate();
			return true;

		}

		// session中没有账号的情况
		if (account == null && !URL.endsWith("login/submit")) {
			// response.sendRedirect(contextPath + "/ui/login");
			response.setContentType("text/html");
			PrintWriter out = response.getWriter();
			out.print("<script type='text/javascript'>alert('禁止未登录用户访问'); window.location.href='"
					+ request.getContextPath() + "/ui/login';</script>");
			out.flush();
			out.close();
			return false;
		}
		// 有账号要进行权限审核
		if (null != account) {
			Boolean isOwner = false;

			if (URL.contains("/index/") 
					|| URL.contains("/task/") 
					|| URL.contains("/crmout/") || URL.contains("/a/")
					|| URL.contains("/getModulePage") || URL.contains("/getManagerPage") || URL.contains("/getStaff")
					|| URL.contains("/afterSaleOutHouse/get") || URL.contains("/afterSaleOutHouse/save") 
					|| URL.contains("/validUser") 	|| URL.contains("/inventoryReduce/get") 
					|| URL.contains("/chance/detail") ||URL.contains("/chanceTrance/")
					||URL.contains("/chanceKeyMan/")	||URL.contains("/quote/get")
					||URL.contains("/demo/")
					||URL.contains("/getmystarts/")
					||URL.contains("/managerDelivery/deleteUser")||URL.contains("/rejectSave")
					|| URL.contains("/distribute")|| URL.contains("/user/getpage")|| URL.contains("/contract/getDevice")
					|| URL.contains("/getContract")//合同列表全部通过 --20170511
					|| URL.contains("/configdetailfor")) {//引入二期报价单--20170518
				return true;
			}

			for (Module m : account.getRole().getModules()) {
				if (URL.contains(m.getTarget())) {
					isOwner = true;
					break;
				}
				if (!m.getTarget().equals("#")) {
					String model = m.getTarget().split("/")[2];
					if (URL.contains(model))
						isOwner = true;
				}
			}
			if (!isOwner) {
				response.setContentType("text/html");
				PrintWriter out = response.getWriter();
				out.print("<script type='text/javascript'>alert('未授权访问'); window.history.go(-1);</script>");
				out.flush();
				out.close();

			}
			return isOwner;
		}
		return true;
	}
}
